mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-26 11:36:03 +03:00
enforce auth for capabilities endpoint
This commit is contained in:
parent
327b992e17
commit
a124025dab
2 changed files with 36 additions and 14 deletions
|
@ -12,6 +12,7 @@
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
from twisted.internet import defer
|
||||||
|
|
||||||
from synapse.http.servlet import RestServlet
|
from synapse.http.servlet import RestServlet
|
||||||
|
|
||||||
|
@ -28,9 +29,14 @@ class CapabilitiesRestServlet(RestServlet):
|
||||||
"""
|
"""
|
||||||
super(CapabilitiesRestServlet, self).__init__()
|
super(CapabilitiesRestServlet, self).__init__()
|
||||||
self.hs = hs
|
self.hs = hs
|
||||||
|
self.auth = hs.get_auth()
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request):
|
def on_GET(self, request):
|
||||||
return 200, {
|
|
||||||
|
yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
|
defer.returnValue(
|
||||||
|
(200, {
|
||||||
"capabilities": {
|
"capabilities": {
|
||||||
"m.room_versions": {
|
"m.room_versions": {
|
||||||
"default": "1",
|
"default": "1",
|
||||||
|
@ -41,7 +47,8 @@ class CapabilitiesRestServlet(RestServlet):
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
})
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def register_servlets(hs, http_server):
|
def register_servlets(hs, http_server):
|
||||||
|
|
|
@ -14,23 +14,38 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from synapse.api.constants import DEFAULT_ROOM_VERSION, KNOWN_ROOM_VERSIONS
|
from synapse.api.constants import DEFAULT_ROOM_VERSION, KNOWN_ROOM_VERSIONS
|
||||||
from synapse.rest.client.v2_alpha.capabilities import register_servlets
|
from synapse.rest.client.v2_alpha import capabilities
|
||||||
|
from synapse.rest.client.v1 import login, admin
|
||||||
from tests import unittest
|
from tests import unittest
|
||||||
|
|
||||||
|
|
||||||
class CapabilitiesTestCase(unittest.HomeserverTestCase):
|
class CapabilitiesTestCase(unittest.HomeserverTestCase):
|
||||||
servlets = [register_servlets]
|
|
||||||
|
servlets = [
|
||||||
|
admin.register_servlets,
|
||||||
|
capabilities.register_servlets,
|
||||||
|
login.register_servlets,
|
||||||
|
]
|
||||||
|
|
||||||
def make_homeserver(self, reactor, clock):
|
def make_homeserver(self, reactor, clock):
|
||||||
self.url = b"/_matrix/client/r0/capabilities"
|
self.url = b"/_matrix/client/r0/capabilities"
|
||||||
hs = self.setup_test_homeserver()
|
hs = self.setup_test_homeserver()
|
||||||
return hs
|
return hs
|
||||||
|
|
||||||
def test_get_room_version_capabilities(self):
|
def test_check_auth_required(self):
|
||||||
request, channel = self.make_request("GET", self.url)
|
request, channel = self.make_request("GET", self.url)
|
||||||
self.render(request)
|
self.render(request)
|
||||||
|
|
||||||
|
self.assertEqual(channel.code, 401)
|
||||||
|
|
||||||
|
def test_get_room_version_capabilities(self):
|
||||||
|
self.register_user("user", "pass")
|
||||||
|
access_token = self.login("user", "pass")
|
||||||
|
|
||||||
|
request, channel = self.make_request("GET", self.url, access_token=access_token)
|
||||||
|
self.render(request)
|
||||||
capabilities = channel.json_body['capabilities']
|
capabilities = channel.json_body['capabilities']
|
||||||
|
|
||||||
self.assertEqual(channel.code, 200)
|
self.assertEqual(channel.code, 200)
|
||||||
for room_version in capabilities['m.room_versions']['available'].keys():
|
for room_version in capabilities['m.room_versions']['available'].keys():
|
||||||
self.assertTrue(room_version in KNOWN_ROOM_VERSIONS, "" + room_version)
|
self.assertTrue(room_version in KNOWN_ROOM_VERSIONS, "" + room_version)
|
||||||
|
|
Loading…
Reference in a new issue